Privacy Notice

Fakeeh Care Group and its subsidiaries ("Fakeeh Care") are committed to protecting the data of patients and data subjects in accordance with the Personal Data Protection Law issued under Royal Decree No. (M/19) dated 9/2/1443 H, as amended by Royal Decree No. (M/148) dated 5/9/1444 H, and the standards and controls of the Saudi Data and Artificial Intelligence Authority (SDAIA) and relevant systems and policies. This notice aims to help you understand the nature of the data we collect from you and how Fakeeh Care will handle this data.

By using our website or services, you agree to the terms outlined in this privacy notice.

What personal data is collected and how is it used

Fakeeh Care Group and affiliated entities collect the minimum amount of personal data necessary to achieve the purposes for which it was collected. The personal data includes, but is not limited to:

• Personal information (such as name, date of birth, ID or residency number, nationality, gender)
• Contact information (such as address, phone number, email)
• User login information (such as authentication credentials)
• Technical information (such as cookies/IP address)
• Geographic location (in some cases, the user may be asked to provide consent to determine their location to benefit from certain electronic services)

We use the information collected for the following purposes:

1. Providing requested healthcare services
2. Improving our websites and services
3. Notifying you of changes to our website or Mobile application
4. Communicating with you for follow-up on the medical services provided or responding to your inquiries, complaints, or comments
5. Marketing and promotional purposes and informing you about available healthcare services
6. Enhancing the quality of services provided

When you browse our website, our hosting systems automatically collect user information related to browsing activity for statistical purposes and performance evaluation. This information does not reveal your personal identity and is used to improve the content and performance of our website.

Rights of the data subject

Data subjects have the following rights concerning their data:

• Right to know: The data subject has the right to know how their personal data is used, how the data is collected, and the purpose of collecting it.
• Right to access and obtain personal data: The data subject has the right to request a copy of their personal data.
• Right to correct or update personal data: The data subject has the right to request the correction or updating of their personal data that they consider inaccurate, incorrect, or incomplete, and it will be reviewed and updated.
• Right to delete personal data: The data subject has the right to request the deletion of their personal data in specific cases, unless there is a legal provision specifying a specific retention period or contractual requirements.
• Right to withdraw consent to the processing of personal data: The data subject has the right to withdraw their consent to the processing of their personal data at any time, unless legal or judicial requirements dictate otherwise.

Methods of Data Collection

Direct methods:

• Through collecting data through the website, mobile applications, email, mail, or via a phone call to our call center or when visiting Fakeeh Care hospitals and its affiliated entities.

Indirect methods:

• Electronic services may store what is known as "cookies" on your computer or similar devices when using electronic services. Cookies are part of the data that uniquely identifies you as a user and may be used to improve your knowledge of electronic services and better understand the user base of the platform.
• Most electronic services are initially set to accept cookies. You can reset your browser, computer, or smartphone to reject all cookies or notify you when cookies are being sent. Please note that some services provided through electronic services may not function properly if cookies are rejected.

Children's personal data

Anyone creating an account for our electronic services must be at least 18 years old. The parent or guardian is responsible for registering and updating the child's personal data, and the parent or guardian is responsible for all the rights that the data subject enjoys on behalf of the child.

Protection of personal data and disclosure

Fakeeh Care Group is committed to protecting your personal information and will not disclose it without your consent, except in cases required by law. We take strict measures to protect your information from unauthorized access, use, disclosure, alteration, or destruction. We recommend that you notify us immediately if you suspect unauthorized access to your personal or confidential information. Additionally, you should protect your data by using a secure environment and not disclosing your confidential information through insecure channels. We recommend using secure browsers and updated antivirus software when accessing electronic services online.

Fakeeh Care Group will not disclose your personal data without your consent except under the following circumstances, where the entity requesting disclosure is a government entity. In such cases, the data will be shared following the rules and procedures specified by the applicable personal data protection law in the Kingdom of Saudi Arabia:

• For security purposes
• To enforce another law
• To meet judicial requirements
• For health insurance companies
• To protect public health or safety
• To protect the life or health of an individual

Disclaimer

This electronic platform belongs to Fakeeh Care Group (referred to here as "the site" or "the platform") and is available for your personal use. Your access to and use of this platform are subject to the terms of the privacy notice and the laws of the Kingdom of Saudi Arabia. Your access and use of this platform imply unconditional acceptance of the terms and conditions of use, whether you are a registered user or not, effective from the date of your first use of this platform.

Retention period of personal data

Your personal data will be stored as long as necessary, following the specified retention periods, for the purposes for which it was collected and to meet any legal, regulatory, accounting, or reporting requirements. Personal data is securely deleted after the specific purpose for its collection has been fulfilled.

Updates to the privacy policy

Fakeeh Care Group reserves the right to modify this privacy policy when necessary, for example, in accordance with new laws. Any updates to this privacy notice will be made available here. Therefore, we recommend checking it periodically. These changes shall be effective from the time of their publication on the Fakeeh Care website. Your continued use of our services after any changes to this privacy notice constitutes your acceptance of any such changes.

Contact us

For any inquiries, comments, or complaints related to the privacy policy, or to correct, delete, or dispose of personal data or to request withdrawal of consent to the processing of your personal data, please contact us via email: DPO@Fakeeh.care

Links to other websites

Our website and mobile apps may contain links to third-party websites, which may have separate privacy policies. You should read the privacy policy of those websites to determine their information security practices and privacy policies.